
Archive: December 2005 ml@sikurezza.org
Subject: [ml] Guidance Software [EnCase] Customer Database Hacked?
From: Lonely Wolf
Date: Mon, 19 Dec 2005 11:48:24 +0100 (CET)
Hello everyone,

For those who don't know, Guidance Software is the company that makes the famous EnCase software, in its various forms, used far and wide (okay, nobody cares, but I never liked it) by "information security professionals, computer incident response teams (CIRTs), eDiscovery auditors and forensic examiners". It seems Guidance's database has had some visitors... I'm pasting a few emails from the related thread that went around on a mailing list I follow, as a sort of collage:

-------------------------------

Does anyone know if the user database at Guidance Software was truly hacked? It would be nice to hear something from Guidance. If they are trying to be hush hush about it, I think it would cause more damage than putting the cards on the table.....

Further, according to their letter, they were storing the database and keeping CC numbers and the CC verification numbers in the same unencrypted database?

The following seems to be moving around the forensic message boards:

"We are writing to inform you that on December 7, 2005, we discovered a security breach of our electronic records. We quickly investigated the incident and determined that in November 2005, a hacker penetrated our perimeter defenses and obtained unauthorized access to one of our servers, which contained our database of customer records. That database contained the credit card numbers of approximately 3,800 people. We believe that the compromised database contained certain information about you, including your name, all addresses you have provided us, and the below-listed credit card numbers, along with expiration dates and card verification numbers."

"If you have used a credit card to purchase from Guidance Software please take the appropriate actions to protect yourself."

"They claim to have sent notices to everybody who is a customer with a credit card on file at GS. When asked how this could have happened in the first place, the response was 'We're not security experts, just computer forensics and incident response'."

"They feel that by sending this notice out and telling customers to watch their accounts for unauthorized charges, they have fulfilled their obligation as far as they are concerned."

And suddenly their message boards are offline. Coincidence?

http://www.guidancesoftware.com/support/index.asp
http://www.guidancesoftware.com/support/messageboards.asp

"Message Board Update
This past weekend, the EnCase Message Boards were taken off line so that we could perform maintenance and upgrade each of the software components. In the process of doing the upgrades, we encountered some software compatibility issues, which we are currently working through. We apologize for the inconvenience this downtime may have caused, but we are working diligently to ensure that all features and functionality are working perfectly before bringing the boards back on line. We are targeting having the Message Boards fully functional by Monday, 19 December, with the possibility of bringing it back online sooner."

-------------------

An associate received the same letter that you cite, and called the phone number that was given with the letter. He got what he called 'grudging confirmation'. As a side note, he was as concerned that they had retained his credit card information for 2 years as he was about their getting hacked. It is pretty much all over the Net now, including the UK.

...

It would be totally out of character, in my opinion, for them to make a public disclosure. They can't even admit that their product has problems.

....

---------------

....

I know they had to.... my big concern is... It happened in November, they did not discover it until Dec., then they decided to notify "only" by postal mail (as required by CA law). They are an incident response / forensic company; you'd think they would know and value the importance of getting the word out quickly.

.....

Remember, a lot of their business is large corporations and Law Enforcement agencies, most of which do business by P.O. I understand it was only their CC customer database that was hacked.

....

-----------------

Guidance Software is an unethical company driven by greed. They truly do not care that their products and their training are flawed. Guidance cares only that its products sell, and for them to sell as widely as possible they need to convince law enforcement agencies that in order to do 'computer forensic investigations' you need to license their products. Has this resulted in wrongful convictions of innocent persons based on Guidance Software's brand of flawed computer forensics? Absolutely, yes. Does Guidance care? Absolutely, not. There needs to be a death penalty for corporations.

----------

___
Lonely Wolf
www.sikurezza.org - Italian Security Mailing List
(c) 1999-2005